REPLACEMENT CLAIMS 

1 . (canceled) 

2. (canceled) 

3. (canceled) 

4. (canceled) 

5. (canceled) 

6. (canceled) 

7. (currently amended) A method for controlling e-mail message transmission across 
an e-mail firewall, the e-mail firewall interposed between an internal network 
associated with an organization a first policy and an extemal network, the method 
comprising: 

intercepting a plurality of data packets associated with a message 
from a sender user associated with the internal network, the message 
directed to a recipient user associated with an extemal network; 

assembling said data packets to an application level message; 

filtering the application level message by examining textual 
content associated with the appHcation level message by employing 
content filter conditions of the associated organization first policy to 
provide a fihering result; and 

restricting the transmission of the application level message in 
accordance with said filtering result. 

8. (original) The method of Claim 7, wherein said filtering is by parsing the text of 
the message in accordance with said filter conditions. 

9. (original) The method of Claim 8, wherein said parsing of text is by searching for 
keywords in the text. 

10. (original) The method of Claim 8, wherein said parsing of text is by searching for 
word patterns in the text. 

11. (original) The method of Claim 10, wherein said filter conditions employ Boolean 
expressions. 
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12. (original) The method of Claim 7, wherein said filtering conditions include 
rejecting all executable attachments. 

13. (original) The method of Claim 7, wherein said filtering conditions include 
requiring executable attachments to include digital signatures. 

14. (original) The method Claim 13, further comprising filtering executable 
attachments by reference to a directory of trusted signatures. 

15. (original) The method of Claim 7, wherein said restricting the transmission 
includes routing the message in accordance with user defined routing policies. 

16. (currently amended) An e-mail control system for filtering e-mail communication 
transmitted fi"om an internal site associated with an organization a first policy to a 
plurality of external sites, the e-mail control system interposed between a public 
network and a private network associated with said intemal site, the e-mail 
control system comprising: 

a policy manager, the policy manager intercepting a plurality of data 
packets associated with an e-mail message transmitted firom a user associated with 
said intemal site to at least one user associated with said external site, the policy 
manages assembling the data packets to an application level message, the policy 
manager applying at least one policy imposed by the organizatio n first policy to 
said application level e-mail message by reference to textual content associated 
with said application level e-mail message; and 

a security manager coupled to the policy manager, the security manager 
adapted to process said application level e-mail message in accordance with 
policy results received fi'om said policy manager, the security manager facilitating 
the transmission of said application level e-mail message to the user associated 
with said external site in response to predetermined organizational policy results 
fi"om said policy manager. 

17. (currently amended) An e-mail control system for filtering e-mail communication 
received by an intemal site associated with an organization a first policy from an 
extemal site, the e-mail control system interposed between a public network and a 
private network associated with said intemal site, the e-mail control system 
comprising: 
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a policy manager, the policy manager intercepting a plurality of data 
packets associated with an e-mail message transmitted to a user associated with 
said internal site from a user associated with said external site, the policy manages 
assembling the data packets to an application level message, the policy manager 
applying at least one poHcy condition imposed by the organization first policy to 
said application level e-mail message by reference to properties of the application 
level e-mail message; and 

a security manager coupled to the policy manager, the security manager 
adapted to process said application level e-mail message in accordance with 
policy results received from said policy manager, the security manager facilitating 
the transmission of said application level e-mail message to the user associated 
with said internal site in response to pr e d e t e rmin e d organizational policy results 
from said policy manager. 

18. (currently amended) A method for filtering e-mail communication between an 
intemal site associated with an organization a first policy and one or more 
external sites, comprising: 

intercepting a plurality of data packets associated with an e-mail message 
transmitted between an intemal site and an external site, the intercepting 
comprising suspending a transmission flow of said e-mail message between said 
intemal site and said external site, the e-mail message associated with at least one 
recipient; 

assembling said data packets to an apphcation level message; 

applying at least one policy imposed by the organization first policy to 
said application level message e-mail message by reference to textual content 
associated with said application level e-mail message; and 

processing said apphcation level e-mail message in accordance with 
policy results received from said policy manager, said processing including 
sending said application level e-mail message to said at least one recipient in 
response to pr e d e t e rmin e d organizational policy results from said policy manager. 

19. (previously presented) The method of Claim 18, wherein said policy refers to a 
sender address. 
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20. (previously presented) The method of Claim 18, wherein said policy refers to a 
recipient address. 

21. (currently amended) The method of Claim 18, wherein said policy refers to 
content in the application level e-mail message body. 

22. (currently amended) The method of Claim 18, wherein said policy refers to a 
message header of said application level e-mail message. 

23. (previously presented) The method of Claim 1 8, wherein said processing said 
intercepted e-mail includes an action from the group consisting of pass, 
quarantine, re-route, return to sender, and send notification. 

24. (currently amended) A method for filtering e-mail messages transmitted from an 
external site to an internal site associated with an organization a first policy , 
comprising: 

intercepting a plurality of data packets associated with an e-mail message 
having a sender address associated with an external site; 

assembling said data packets to an application level message; 

extracting at least one recipient address from a recipient address field of 
the application level e-mail message; 

determining whether the [a] first p olicy impos e d by th e organization is 
applicable to said application level message by reference to said extracted 
recipient address; 

applying at least one organizational policy condition from said first policy 
to said application level e-mail message when said determining provides that said 
at l e ast on e first policy is applicable to said apphcation level e-mail message, said 
organizational policy condition referring to textual content associated with said 
application level e-mail message, said applying providing a policy application 
result; and 

processing said application level e-mail message in accordance with said 
organizational policy application result. 

25. (canceled) 

26. (canceled) 

27. (canceled) 
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28. (canceled) 

29. (new) A method for filtering e-mail messages transmitted from an external site to 
an internal site associated with a first policy, comprising: 

intercepting a plurality of data packets associated with an e-mail message 
having a sender address associated with an external site; 

assembling said data packets to an application level message; 

detecting whether the application level message includes a digital 
signature attachment; 

applying at least one policy condition to said application level e-mail 
message, said policy condition applied by reference to said attached digital 
signature, said applying providing a policy application result; and 

processing said application level e-mail message in accordance with said 
application result. 

30. (new) The method of Claim 29, further comprising applying at least a second 
policy condition to said application level e-mail message in response to a 
predetermined condition of the attached digital signature. 

3 1 . (new) The method of Claim 30, wherein said predetermined condition comprises 
detecting that the digital signature is a vahd digital signature. 

32. (new) The method of Claim 31, further comprising selecting the second policy 
condition by reference to an identity associated with the vahd digital signature. 

33. (new) the method of Claim 30, wherein the second policy condition detects 
whether the attached signature is associated with a domain which is included in a 
stored Ust of trusted domains. 
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SUMMARY 

Applicants respectfully submits that this application is now believed to be in a 
condition for allowance. 

If the Examiner wishes to direct any questions concerning this application to the 
undersigned Applicants' representative, please call the number indicated below. 

Dated: June 2, 2005 

Respectfully submitted, 



Reg. No. 46,194 

Attorney for Applicant 
(212) 735-3000 

Skadden, Arps, Slate, Meagher & Flom LLP 
Four Times Square 
New York, NY 10036 
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